The annual cost to the US economy due to “malicious cyber activity” is somewhere between $57 billion and $109 billion, the White House Council of Economic Advisors said in a report last year, citing a study by Accenture and the Ponemon Institute. Each adverse event that hits a public company can shave $338 million off its market cap, according to the council report.
Russia, China, Iran, and North Korea “frequently engage in industrial espionage,” the report said. “If they have funding needs, they may conduct ransom attacks and electronic thefts of funds.” They go after military secrets, and also back corporate actors seeking “illicit access to proprietary IP, including financial, strategic, and workforce-related information on their competitors.” Members of the Chinese military have been indicted in the US for the alleged cybertheft of trade secrets from companies including Westinghouse, Alcoa, and US Steel.
The US doesn’t have enough experts to hold off its cyber adversaries, with estimates of almost 314,000 unfilled cybersecurity jobs in the US. Ron Green, a former US Secret Service agent who now heads up information security at Mastercard, tells Quartz it has taken more two years to fill some cybersecurity positions at the company. The exact number of open cybersecurity jobs in the federal government is unknown; Harvard’s Belfer Center estimates the figure at 10,000. The FBI, Treasury Department, Department of Homeland Security, and NSA have all complained in recent years of the difficulty in recruiting cybersecurity employees. Of 96 federal agencies audited by the US Office of Management and Budget last year, it found 74% of them “at risk” and at “high risk” for cyberattack.
A new partnership between the private sector and the US government is an attempt to close the so-called cybersecurity skills gap. It calls for college students who are graduating with cybersecurity-related degrees to spend two years as employees of one of a dozen or so federal agencies, after which they will be eligible for a position at Mastercard, Microsoft, or Workday. Once a candidate is hired, they will get up to $75,000 toward paying back student loans over the next two years.
Participants in the Cybersecurity Talent Initiative can work for US agencies including:
- Central Intelligence Agency
- Department of Defense
- Department of Energy
- Department of Health and Human Services
- Department of Veterans Affairs
- Environmental Protection Agency
- Federal Bureau of Investigation
- Federal Election Commission
- National Oceanic and Atmospheric Administration
- Office of Naval Intelligence
- Small Business Administration
“The threat picture is rapidly changing and they really need to build a pipeline of getting these people into positions after college,” says former CIA analyst Cindy Otis, who now works in the cybersecurity field.
College juniors can apply online now for jobs that will start in the summer or fall of 2020.